Generally described, computing devices and communication networks can be utilized to facilitate various transactions between parties. In a simple embodiment, two parties can exchange financial information such as identification information and account information, to complete a financial transaction via the communication network. In some instances, however, at least one of the parties may not be comfortable with exchanging financial information. For example, an individual may not be comfortable providing financial information to a merchant that is either unknown to the individual or known to have some risk of questionable business risk. Similarly, many individuals may not be comfortable exchanging financial information with unknown individuals via the communication network, such as via email or through auction-based Web sites.
To facilitate increased financial transactions between various entities on a communication network, such as the Internet, a number of third-party service providers provide individuals and businesses (e.g., users) with an intermediary service in which the third-party service provider manages financial transactions. In accordance with a typical implementation, the third-party service provider individually establishes an “on-line” account with each user that corresponds to a financial account with a financial service provider, such as a bank, credit card service, and the like. The users can, in turn, complete financial transactions with their on-line account without having to share any underlying financial account information. Instead, the third-party service provider settles reported on-line account transactions with the corresponding financial accounts.
To establish on-line accounts with users, the third-party service providers typically require a registration process in which individuals or businesses are required to provide various contact and financial information associated with a financial service provider that will be used to settle the on-line transactions (e.g., transfer money to/from the user). In some embodiments, users are required to transfer funds in advance to the service provider which can be held in trust with a financial service provider. Additionally, in other embodiments, users may be required to identify a checking account that will be used to settle on-line account transactions.
To mitigate fraud risks associated with registering users using checking accounts, many service providers implement an account verification technique that can establish whether a user has control of the financial account used during the registration process. FIG. 1 is a block diagram illustrative of a conventional system 100 for verifying user transaction accounts including a user computing device 102, a service provider computing device 104, and a financial services computing device 106. In accordance with this embodiment, the user computing device issues an account registration request to the service provider computing device 104. In turn, the service provider computing device 104 communicates with the financial service provider computing device 106 to initiate one or two financial transactions with the financial account provider. The financial service provider 106 independently provides a record of the transaction to the service provider computing device 104 and the user computing device 102 (e.g., through an electronic or paper statement). To validate that the user has control of the account, the user computing device 102 transmits to the service provider computing device 104 data from the transaction record, such as the transaction amounts for each transaction.
Although the above-discussed approach to account access verification can help third-party service providers establish that a user has control of an underlying financial account, third-party service providers often require additional security information from users as part of their account registration practices. For example, a third-party service provider may wish to verify the contents of additional communications with the user, such as correspondence to electronic mail accounts or physical mailing addresses. In another aspect, the third-party service provider may want the user to answer detailed security questions or to provide passwords associated with an on-line account profile. Current account access verification techniques generally do not facilitate the processing of the additional security information as part of a verification routine.